You-rabbit.com
You-rabbit.com is a new malware variant of the Trojan horse family that can infect computers without getting spotted by their antivirus programs. Viruses like You-rabbit.com can be used in different ways, including for data and money theft, espionage, and Ransomware distribution.
Since this is a new addition to the Trojan horse category and there’s still not enough research on it, it is difficult to tell exactly what the main goal of this infection is. Furthermore, it is possible that the virus can be used for different tasks on the different computers it infects. The Trojan horse malware type is very versatile in general and its representatives can be tasked with the completion of a wide variety of harmful actions. Currently, we can give you information about the most likely uses of the You-rabbit.com threat so that you know what you might face if this virus enters/has entered your computer.
The You-rabbit.com Virus
Nowadays, one of the most popular uses of threats, like You-rabbit.com virus, is for the distribution of other, more specialized, forms of malware.The You-rabbit.com virus, serving as an externally loaded add-on for browsers based on Chromium, carries out browser-based actions to manipulate the content of the designated cryptocurrency website.
Prevention tips
The best way to stop any form of malware from damaging your computer is to make sure the malicious program never gets inside your PC in the first place.
When talking about Trojans, it’s important to note that most such threats rely on the victim’s own gullibility to get the malware inside their computer. This is done by using disguises for the virus and presenting it to the user as something the latter is likely to download. It could be a popular game distributed for free by a torrent site or some other piece of software. It could also be a misleading email attachment that contains the Trojan. Because of this, you really need to use your common sense when browsing the Internet and only interact with and download content that you have found on reliable sites that have a good reputation.
SUMMARY:
Name | You-rabbit.com |
Type | Trojan |
Detection Tool |
Please follow all the steps below in order to remove You-rabbit.com!
How to remove You-rabbit.com
- First, click the Start Menu on your Windows PC.
- Type Programs and Settings in the Start Menu, click the first item, and find You-rabbit.com in the programs list that would show up.
- Select You-rabbit.com from the list and click on Uninstall.
- Follow the steps in the removal wizard.
If you have a Mac virus, please use our How to remove Ads on Mac guide.
If you have an Android virus, please use our Android Malware Removal guide.
If you have an iPhone virus, please use our iPhone Virus Removal guide.
Read more…
What we suggest you do first is, check the list of programs that are presently installed on the infected device and uninstall any rogue software that you find there:
- From the Start Menu, navigate to Control Panel ->>> Programs and Features ->>> Uninstall a Program.
- Next, carefully search for unfamiliar programs or programs that have been installed recently and could be related to You-rabbit.com.
- If you find any of the programs suspicious then uninstall them if they turn out to be linked to You-rabbit.com.
- If a notification appears on your screen when you try to uninstall a specific questionable program prompting you to just alter it or repair it, make sure you choose NO and complete the steps from the removal wizard.
Remove You-rabbit.com from Chrome
- Click on the three dots in the right upper corner
- Go to more tools
- Now select extensions
- Remove the You-rabbit.com extension
Read more…
- Once you open Chrome, click on the three-dots icon to open the browser’s menu, go to More Tools/ More Options, and then to Extensions.
- Again, find the items on that page that could be linked to the malware and/or that might be causing problems in the browser and delete them.
- Afterwards, go to this folder: Computer > C: > Users > *Your User Account* > App Data > Local > Google > Chrome > User Data. In there, you will find a folder named Default – you should change its name to Backup Default and restart the PC.
- Note that the App Data folder is normally hidden so you’d have to first make the hidden files and folders on your PC visible before you can access it.
How to get rid of You-rabbit.com on FF/Edge/etc.
- Open the browser and select the menu icon.
- From the menu, click on the Add-ons button.
- Look for the You-rabbit.com extension
- Get rid of You-rabbit.com by removing it from extensions
Read more…
If using Firefox:
- Open Firefox
- Select the three parallel lines menu and go to Add-ons.
- Find the unwanted add-on and delete it from the browser – if there is more than one unwanted extension, remove all of them.
- Go to the browser menu again, select Options, and then click on Home from the sidebar to the left.
- Check the current addresses for the browser’s homepage and new-tab page and change them if they are currently set to address(es) you don’t know or trust.
If using MS Edge/IE:
- Start Edge
- Select the browser menu and go to Extensions.
- Find and uninstall any Edge extensions that look undesirable and unwanted.
- Select Settings from the browser menu and click on Appearance.
- Check the new-tab page address of the browser and if it has been modified by the malicious program or another unwanted app, change it to an address that you’d want to be the browser’s new-tab page.
How to Delete You-rabbit.com
- Open task manager
- Look for the You-rabbit.com process
- Select it and click on End task
- Open the file location to delete You-rabbit.com
Read more…
- Access the Task Manager by pressing together the Ctrl + Alt + Del keys and then selecting Task Manager.
- Open Processes and there try to find a process with the name of the unwanted software. If you find it, select it with the right button of the mouse and click on the Open File Location option.
- If you don’t see a malicious process in the Task Manager, look for another suspicious process with an unusual name. It is likely that the unwanted process would be using lots of RAM and CPU so pay attention to the number of resources each process is using.
- Tip: If you think you have singled out the unwanted process but are not sure, it’s always a good idea to search for information about it on the Internet – this should give you a general idea if the process is a legitimate one from a regular program or from your OS or if it is indeed likely linked to the adware.
- If you find another suspicious process, open its File Location too.
- Once in the File Location folder for the suspicious process, start testing all of the files that are stored there by dragging them to our free online scanner available below.
- Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracyThis scanner is free and will always remain free for our website's users.This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.Drag and Drop File Here To ScanAnalyzing 0 sEach file will be scanned with up to 64 antivirus programs to ensure maximum accuracyThis scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.
- If the scanner finds malware in any of the files, return to the Processes tab in the Task Manager, select the suspected process, and then select the End Process option to quit it.
- Go back to the folder where the files of that process are located and delete all of the files that you are allowed to delete. If all files get deleted normally, exit the folder and delete that folder too. If one or more of the files showed an error message when you tried to delete them, leave them for now and return to try to delete them again once you’ve completed the rest of the guide.
How to Uninstall You-rabbit.com
- Click on the home button
- Search for Startup Apps
- Look for You-rabbit.com in there
- Uninstall You-rabbit.com from Startup Apps by turning it off
Read more…
- Now you need to carefully search for and uninstall any You-rabbit.com-related entries from the Registry. The easiest way to do this is to open the Registry Editor app (type Regedit in the windows search field and press Enter) and then open a Find dialog (CTRL+F key combination) where you have to type the name of the threat.
- Perform a search by clicking on the Find Next button and delete any detected results. Do this as many times as needed until no more results are found.
- After that, to ensure that there are no remaining entries lined to You-rabbit.com in the Registry, go manually to the following directories and delete them:
- HKEY_CURRENT_USER/Software/Random Directory.
- HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run/Random
- HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main/Random
What is You-rabbit.com?
This type of malware is used for spying on the targeted victim with the goal to collect some form of sensitive information. Depending on what the collected data is, it could be used in different ways. For instance, if the virus has acquired your banking details, this may allow the hackers to silently drain your bank accounts. The primary objective of this malevolent add-on is to pilfer cryptocurrency from unsuspecting victims and transfer it to the wallet controlled by the threat actors.
Furthermore, being a browser add-on, it can be installed on various platforms that support Chromium-based browsers. While the installation process of this malicious add-on and the infection chain outlined in this article pertain specifically to Windows, it can be effortlessly adapted by the threat actors to target Linux and macOS users, as long as the victims employ Chromium-based browsers. In other cases, if the Trojan has gotten to some personal details about you, the hackers may blackmail you for a ransom payment by threatening you that those details may be sent to everybody who knows you.
Is You-rabbit dangerous?
One of the most common Trojan horse uses is when You-rabbit.com, Fractureiser or another similar virus takes over the whole system and starts launching different processes in the computer without your permission. Usually, those processes are aimed at mining Bitcoins (or other cryptocurrencies) for the hackers or at targeting other users with spam messages to further spread the virus.
Leave a Comment